b8279f87dc5195a29aa26fbc7f632293_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b8279f87dc5195a29aa26fbc7f632293_JaffaCakes118
Size

168KB
MD5

b8279f87dc5195a29aa26fbc7f632293
SHA1

5147be3eb6cd9b00c47cdeb997981b974d12dd5f
SHA256

f17f48fccc9d792f46136d90d515c60c354135a98d30f259fe9dd9120cd99afe
SHA512

b47e4f07276929cf7adf0258b67b8532218b06cc9d09d275ed13b6480226d52e27d608636000a1326c3dae2f83e8531546b7037d315265fe9551197f645184f2
SSDEEP

3072:4zWB/zhpSE1cn1qY6l2giKhXKteMn7MuqWZ0:4ChSEcLKKod

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8279f87dc5195a29aa26fbc7f632293_JaffaCakes118

Files

b8279f87dc5195a29aa26fbc7f632293_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13e319dcdcaa1bb0a6de2f9674d3e051

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetMapMode
DeleteObject
GetPixel
CreateSolidBrush
PatBlt
SetTextColor
LineTo
GetClipBox
CreatePen
RectVisible
RestoreDC
SaveDC
SelectObject
SetTextAlign
SelectPalette
DeleteDC
CreatePalette
GetDeviceCaps
CreateFontIndirectA
CreateCompatibleDC
GetTextMetricsA
SetStretchBltMode
GetObjectA

user32

GetSystemMetrics
TranslateMessage
GetParent
GetDC
GetDesktopWindow
CharNextA

kernel32

GetThreadLocale
GetStartupInfoA
GlobalFindAtomW
lstrlenA
MulDiv
RemoveDirectoryA
GetCurrentProcess
DeleteFileA
lstrcmpA
GlobalFindAtomA
GetVersion
GetCurrentThreadId
DeleteFileW
GetTickCount
lstrlenW
VirtualAlloc
GetCommandLineW
VirtualFree
GetACP
IsDebuggerPresent
SetCurrentDirectoryA
QueryPerformanceCounter
GetProcessHeap
lstrcmpiW
GetUserDefaultLangID
GetDriveTypeA
GetConsoleOutputCP
GetOEMCP
GetCommandLineA
GetCurrentProcessId
GetWindowsDirectoryA
GetModuleHandleW
lstrcmpiA
CopyFileA
GetModuleHandleA
GetCurrentThread

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Pkxbu. X
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Eytlv Up
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13e319dcdcaa1bb0a6de2f9674d3e051

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Pkxbu. X Size: 512B - Virtual size: 4KB

.rdata Size: 27KB - Virtual size: 26KB

Eytlv Up Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 11KB - Virtual size: 10KB

Pkxbu. X
Size: 512B - Virtual size: 4KB

.rdata
Size: 27KB - Virtual size: 26KB

Eytlv Up
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 28KB - Virtual size: 27KB